net:enetc: bug fix for qos sfi operate space after freed

'Dan Carpenter' reported:
This code frees "sfi" and then dereferences it on the next line:
>                 kfree(sfi);
>                 clear_bit(sfi->index, epsfp.psfp_sfi_bitmap);

This "sfi->index" should be "index".

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Po Liu <Po.Liu@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/drivers/net/ethernet/freescale/enetc/enetc_qos.c b/drivers/net/ethernet/freescale/enetc/enetc_qos.c
index 172acb6..fd3df19 100644 (file)
--- a/drivers/net/ethernet/freescale/enetc/enetc_qos.c
+++ b/drivers/net/ethernet/freescale/enetc/enetc_qos.c
@@ -903,7 +903,7 @@ static void stream_filter_unref(struct enetc_ndev_priv *priv, u32 index)
                enetc_streamfilter_hw_set(priv, sfi, false);
                hlist_del(&sfi->node);
                kfree(sfi);
-               clear_bit(sfi->index, epsfp.psfp_sfi_bitmap);
+               clear_bit(index, epsfp.psfp_sfi_bitmap);
        }
 }